Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
File: 62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa (raw, json)
Hash identifier: z9KkDGJcHgFbqjZ2Vvdwmg5pQJ6+fv7ri4dtnKERrzA=
Subject key identifier: E2:4A:CC:34:9B:AA:62:7E:6E:9B:EB:A7:11:AC:24:CD:AC:D9:C4:6E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0EDC62410B5642156AE9CD487CF1CBBA988DA766
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
Signing time: Tue 10 Jun 2025 17:20:43 +0000
ROA not before: Tue 10 Jun 2025 17:20:43 +0000
ROA not after: Tue 15 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:840::/46 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:dc:62:41:0b:56:42:15:6a:e9:cd:48:7c:f1:cb:ba:98:8d:a7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jun 10 17:20:43 2025 GMT
Not After : Jul 15 23:59:59 2025 GMT
Subject: serialNumber=817cea2487f8d1214f594e7f982ecdd8b985916230d21c2a4e9f0c88af03a887, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:27:e4:e4:ba:df:59:ba:14:56:11:f4:37:ca:
b9:4f:06:bc:cf:e2:ac:7f:43:28:dc:53:3b:2a:6d:
6e:73:cb:07:ac:33:54:0c:c5:f2:bd:c3:bf:ba:08:
36:fb:da:95:86:f5:42:41:35:1f:b7:e5:5d:2b:6b:
bb:e5:55:8d:74:f8:93:ca:9a:a8:60:1b:e2:b7:0a:
81:6f:68:fb:30:ac:5d:2d:8f:d1:71:3e:01:86:e8:
64:76:ba:ea:28:d5:8a:36:9f:c9:c4:2d:72:b8:30:
02:f7:8b:02:93:32:78:ac:17:f5:a9:73:d3:4a:21:
53:f5:47:56:1f:f4:32:d7:c9:7e:59:28:70:c7:9f:
60:73:46:f5:dc:fe:64:88:51:16:69:84:8c:08:05:
12:59:d2:72:3e:69:18:b4:40:88:33:56:32:a7:ce:
5b:98:e6:19:dd:e1:20:2d:38:99:63:51:cb:e6:89:
15:6b:0d:83:b7:f8:7c:54:88:df:68:46:cf:2f:40:
17:4c:61:7e:8f:35:38:4c:7c:9d:63:26:e6:d7:e8:
6c:d1:73:5f:a4:f4:2a:78:bc:87:2b:f8:ee:92:85:
19:b2:7c:4d:02:7e:9b:73:93:17:6f:4c:73:5d:f9:
1c:2a:81:e5:62:06:ad:9c:02:84:55:25:61:11:a3:
5e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4A:CC:34:9B:AA:62:7E:6E:9B:EB:A7:11:AC:24:CD:AC:D9:C4:6E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/62ddc52a-8a4f-4ef2-95ec-dbf3a76be98d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:840::/46
Signature Algorithm: sha256WithRSAEncryption
32:70:15:c3:73:a4:37:79:70:a2:a5:0a:73:86:7a:64:a1:5a:
31:54:63:10:7c:f6:9d:42:a4:cd:75:83:de:4f:f6:46:ec:08:
8a:63:d9:5e:20:0a:bb:03:68:34:f4:e5:6f:2a:d6:d7:5a:d8:
30:3f:be:60:18:c7:4f:3d:54:17:b9:29:46:b2:dc:09:31:a3:
a1:be:75:b2:2c:ac:a0:cb:f1:e2:18:4a:ff:66:3a:05:75:10:
6a:7c:65:f6:77:70:78:35:03:2e:1b:c3:ce:05:6c:99:a2:8c:
44:21:5e:d9:f5:2b:b9:a5:3e:6a:f0:ab:31:9a:b8:b3:70:62:
6f:0f:09:c8:ef:85:8a:63:54:33:65:0f:4d:7d:3d:f9:11:b0:
1a:8e:4d:d9:cb:fa:f7:0a:1b:9b:45:12:c7:86:76:d1:fd:ff:
76:53:53:23:f8:7f:8a:3d:13:7a:91:ac:27:7f:c0:b8:f7:ed:
01:e4:a0:fc:e8:27:67:8f:20:38:5b:7f:c1:d1:75:01:91:71:
36:98:c3:4a:82:0a:4a:19:57:26:ae:2b:7c:ed:42:1c:17:ce:
be:56:cd:5a:c8:1b:f5:42:60:33:02:0c:bc:ce:d7:e9:df:45:
b1:47:48:52:96:19:0a:bb:3f:c3:f6:dd:06:50:fc:39:e7:4e:
6b:66:c1:c8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDtxiQQtWQhVq6c1IfPHLupiNp2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA2MTAxNzIwNDNaFw0yNTA3MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxN2NlYTI0ODdmOGQxMjE0ZjU5NGU3Zjk4MmVjZGQ4Yjk4NTkxNjIzMGQy
MWMyYTRlOWYwYzg4YWYwM2E4ODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALMn5OS631m6FFYR9DfKuU8GvM/irH9DKNxTOyptbnPLB6wzVAzF8r3Dv7oI
NvvalYb1QkE1H7flXStru+VVjXT4k8qaqGAb4rcKgW9o+zCsXS2P0XE+AYboZHa6
6ijVijafycQtcrgwAveLApMyeKwX9alz00ohU/VHVh/0MtfJflkocMefYHNG9dz+
ZIhRFmmEjAgFElnScj5pGLRAiDNWMqfOW5jmGd3hIC04mWNRy+aJFWsNg7f4fFSI
32hGzy9AF0xhfo81OEx8nWMm5tfobNFzX6T0Kni8hyv47pKFGbJ8TQJ+m3OTF29M
c135HCqB5WIGrZwChFUlYRGjXn0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTiSsw0
m6pifm6b66cRrCTNrNnEbjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjJkZGM1MmEtOGE0Zi00ZWYyLTk1ZWMtZGJmM2E3NmJlOThkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DUI
QDANBgkqhkiG9w0BAQsFAAOCAQEAMnAVw3OkN3lwoqUKc4Z6ZKFaMVRjEHz2nUKk
zXWD3k/2RuwIimPZXiAKuwNoNPTlbyrW11rYMD++YBjHTz1UF7kpRrLcCTGjob51
siysoMvx4hhK/2Y6BXUQanxl9ndweDUDLhvDzgVsmaKMRCFe2fUruaU+avCrMZq4
s3Bibw8JyO+FimNUM2UPTX09+RGwGo5N2cv69wobm0USx4Z20f3/dlNTI/h/ij0T
epGsJ3/AuPftAeSg/OgnZ48gOFt/wdF1AZFxNpjDSoIKShlXJq4rfO1CHBfOvlbN
Wsgb9UJgMwIMvM7X6d9FsUdIUpYZCrs/w/bdBlD8OedOa2bByA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:36:53 2025 by rpki-client